CPSC 467b: Cryptography and Computer Security

Size: px
Start display at page:

Download "CPSC 467b: Cryptography and Computer Security"

Transcription

1 CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 7 February 5, 2013 CPSC 467b, Lecture 7 1/45

2 Stream cipher from block cipher Review of OFB and CFB chaining modes Extending chaining modes to bytes Active adversary attacks Steganography Public-key cryptography RSA Some number theory Factoring Assumption Computing with Big Numbers CPSC 467b, Lecture 7 2/45

3 Stream cipher from block cipher CPSC 467b, Lecture 7 3/45

4 Review of OFB and CFB chaining modes Output Feedback Mode (OFB) Similar to a one-time pad, but keystream is generated from the previous block keys using E k. To encrypt, Alice computes a stream of block keys k 1, k 2,..., where k i = E k (k i 1 ) and k 0 is a fixed initial vector (IV). The block keys are XORed with successive plaintext blocks. That is, c i = m i k i. To decrypt, Bob applies exactly the same method to the ciphertext to get the plaintext. That is, m i = c i k i, where k i = E k (k i 1 ) and k 0 = IV. CPSC 467b, Lecture 7 4/45

5 Review of OFB and CFB chaining modes Cipher-Feedback Mode (CFB) Similar to OFB, but keystream is generated from the previous cipher text blocks using E k. To encrypt, Alice computes a stream of block keys k 1, k 2,..., where k i = E k (c i 1 ) and c 0 is a fixed initial vector (IV). The block keys are XORed with successive plaintext blocks, just as in OFB. That is, c i = m i k i. To decrypt, Bob applies exactly the same method to the ciphertext to get the plaintext. That is, c i = m i k i, where k i = E k (c i 1 ) and c 0 = IV. CPSC 467b, Lecture 7 5/45

6 Extending chaining modes to bytes Stream ciphers from OFB and CFB block ciphers OFB and CFB block modes can be turned into stream ciphers. Both compute c i = m i k i, where k i = E k (k i 1 ) (for OFB); k i = E k (c i 1 ) (for CFB). Assume a block size of b bytes numbered 0,..., b 1. Then c i,j = m i,j k i,j, so each output byte c i,j can be computed before knowing m i,j for j > j; no need to wait for all of m i. One must keep track of j. When j = b, the current block is finished, i must be incremented, j must be reset to 0, and k i+1 must be computed. CPSC 467b, Lecture 7 6/45

7 Extending chaining modes to bytes Extended OFB and CFB modes Simpler (for hardware implementation) and more uniform stream ciphers result by also computing k i a byte at a time. The idea: Use a shift register X to accumulate the feedback bits from previous stages of encryption so that the full-sized blocks needed by the block chaining method are available. X is initialized to some public initialization vector. CPSC 467b, Lecture 7 7/45

8 Extending chaining modes to bytes Some notation Assume block size b = 16 bytes. Define two operations: L and R on blocks: L(x) is the leftmost byte of x; R(x) is the rightmost b 1 bytes of x. CPSC 467b, Lecture 7 8/45

9 Extending chaining modes to bytes Extended OFB and CFB similarities The extended versions of OFB and CFB are very similar. Both maintain a one-block shift register X. The shift register value X s at stage s depends only on c 1,..., c s 1 (which are now single bytes) and the master key k. At stage i, Alice computes X s according to Extended OFB or Extended CFB rules; computes byte key k s = L(E k (X s )); encrypts message byte m s as c s = m s k s. Bob decrypts similarly. CPSC 467b, Lecture 7 9/45

10 Extending chaining modes to bytes Shift register rules The two modes differ in how they update the shift register. Extended OFB mode X s = R(X s 1 ) k s 1 Extended CFB mode X s = R(X s 1 ) c s 1 ( denotes concatenation.) Summary: Extended OFB keeps the most recent b key bytes in X. Extended CFB keeps the most recent b ciphertext bytes in X, CPSC 467b, Lecture 7 10/45

11 Extending chaining modes to bytes Comparison of extended OFB and CFB modes The differences seem minor, but they have profound implications on the resulting cryptosystem. In eofb mode, X s depends only on s and the master key k (and the initialization vector IV), so loss of a ciphertext byte causes loss of only the corresponding plaintext byte. In ecfb mode, loss of ciphertext byte c s causes m s and all succeeding message bytes to become undecipherable until c s is shifted off the end of X. Thus, b message bytes are lost. CPSC 467b, Lecture 7 11/45

12 Extending chaining modes to bytes Downside of extended OFB The downside of eofb is that security is lost if the same master key is used twice for different messages. CFB does not suffer from this problem since different messages lead to different ciphertexts and hence different keystreams. Nevertheless, ecfb has the undesirable property that the keystreams are the same up to and including the first byte in which the two message streams differ. This enables Eve to determine the length of the common prefix of the two message streams and also to determine the XOR of the first bytes at which they differ. CPSC 467b, Lecture 7 12/45

13 Extending chaining modes to bytes Possible solution Possible solution to both problems: Use a different initialization vector for each message. Prefix the ciphertext with the (unencrypted) IV so Bob can still decrypt. CPSC 467b, Lecture 7 13/45

14 Active adversary attacks CPSC 467b, Lecture 7 14/45

15 Active adversary Recall from lecture 3 the active adversary Mallory who has the power to modify messages and generate his own messages as well as eavesdrop. Alice sends c = E k (m), but Bob may receive a corrupted or forged c c. How does Bob know that the message he receives really was sent by Alice? The naive answer is that Bob computes m = D k (c ), and if m looks like a valid message, then Bob accepts it as having come from Alice. The reasoning here is that Mallory, not knowing k, could not possibly have produced a valid-looking message. For any particular cipher such as DES, that assumption may or may not be valid. CPSC 467b, Lecture 7 15/45

16 Some active attacks Three successively weaker (and therefore easier) active attacks in which Mallory might produce fraudulent messages: 1. Produce valid c = E k (m ) for a message m of his choosing. 2. Produce valid c = E k (m ) for a message m that he cannot choose and perhaps does not even know. 3. Alter a valid c = E k (m) to produce a new valid c that corresponds to an altered message m of the true message m. Attack (1) requires computing c = E k (m) without knowing k. This is similar to Eve s ciphertext-only passive attack where she tries to compute m = D k (c) without knowing k. It s conceivable that one attack is possible but not the other. CPSC 467b, Lecture 7 16/45

17 Replay attacks One form of attack (2) clearly is possible. In a replay attack, Mallory substitutes a legitimate old encrypted message c for the current message c. It can be thwarted by adding timestamps and/or sequence numbers to the messages so that Bob can recognize when old messages are being received. Of course, this only works if Alice and Bob anticipate the attack and incorporate appropriate countermeasures into their protocol. CPSC 467b, Lecture 7 17/45

18 Fake encrypted messages Even if replay attacks are ruled out, a cryptosystem that is secure against attack (1) might still permit attack (2). There are all sorts of ways that Mallory can generate values c. What gives us confidence that Bob won t accept one of them as being valid? CPSC 467b, Lecture 7 18/45

19 Message-altering attacks Attack (3) might be possible even when (1) and (2) are not. For example, if c 1 and c 2 are encryptions of valid messages, perhaps so is c 1 c 2. This depends entirely on particular properties of E k unrelated to the difficulty of decrypting a given ciphertext. We will see some cryptosystems later that do have the property of being vulnerable to attack (3). In some contexts, this ability to do meaning computations on ciphertexts can actually be useful, as we shall see. CPSC 467b, Lecture 7 19/45

20 Encrypting random-looking strings Cryptosystems are not always used to send natural language or other highly-redundant messages. For example, suppose Alice wants to send Bob her password to a web site. Knowing full well the dangers of sending passwords in the clear over the internet, she chooses to encrypt it instead. Since passwords are supposed to look like random strings of characters, Bob will likely accept anything he gets from Alice. He could be quite embarrassed (or worse) claiming he knew Alice s password when in fact the password he thought was from Alice was actually a fraudulent one derived from a random ciphertext c produced by Mallory. CPSC 467b, Lecture 7 20/45

21 Steganography CPSC 467b, Lecture 7 21/45

22 Steganography Steganography, hiding one message inside another, is an old technique that is still in use. For example, a message can be hidden inside a graphics image file by using the low-order bit of each pixel to encode the message. The visual effect of these tiny changes is generally too small to be noticed by the user. The message can be hidden further by compressing it or by encrypting it with a conventional cryptosystem. Unlike conventional cryptosystems, steganography relies on the secrecy of the method of hiding for its security. If Eve does not even recognize the message as ciphertext, then she is not likely to attempt to decrypt it. CPSC 467b, Lecture 7 22/45

23 Public-key cryptography CPSC 467b, Lecture 7 23/45

24 Public-key cryptography Classical cryptography uses a single key for both encryption and decryption. This is also called a symmetric or 1-key cryptography. There is no logical reason why the encryption and decryption keys should be the same. Allowing them to differ gives rise to asymmetric cryptography, also known as public-key or 2-key cryptography. CPSC 467b, Lecture 7 24/45

25 Asymmetric cryptosystems An asymmetric cryptosystem has a pair k = (k e, k d ) of related keys, the encryption key k e and the decryption key k d. Alice encrypts a message m by computing c = E ke (m). Bob decrypts c by computing m = D kd (c). We sometimes write e instead of k e and d instead of k d, e.g., E e (m) and D d (c). We sometimes write k instead of k e or k d where the meaning is clear from context, e.g., E k (m) and D k (c). In practice, it isn t generally as confusing as all this, but the potential for misunderstanding is there. As always, the decryption function inverts the encryption function, so m = D d (E e (m)). CPSC 467b, Lecture 7 25/45

26 Security requirement Should be hard for Eve to find m given c = E e (m) and e. The system remains secure even if the encryption key e is made public! e is said to be the public key and d the private key. Reason to make e public. Anybody can send an encrypted message to Bob. Sandra obtains Bob s public key e and sends c = E e (m) to Bob. Bob recovers m by computing D d (c), using his private key d. This greatly simplifies key management. No longer need a secure channel between Alice and Bob for the initial key distribution (which I have carefully avoided talking about so far). CPSC 467b, Lecture 7 26/45

27 Man-in-the-middle attack against 2-key cryptosystem An active adversary Mallory can carry out a nasty man-in-the-middle attack. Mallory sends his own encryption key to Sandra when she attempts to obtain Bob s key. Not knowing she has been duped, Sandra encrypts her private data using Mallory s public key, so Mallory can read it (but Bob cannot)! To keep from being discovered, Mallory intercepts each message from Sandra to Bob, decrypts using his own decryption key, re-encrypts using Bob s public encryption key, and sends it on to Bob. Bob, receiving a validly encrypted message, is none the wiser. CPSC 467b, Lecture 7 27/45

28 Passive attacks against a 2-key cryptosystem Making the encryption key public also helps a passive attacker. 1. Chosen-plaintext attacks are available since Eve can generate as many plaintext-ciphertext pairs as she wishes using the public encryption function E e (). 2. The public encryption function also gives Eve a foolproof way to check the validity of a potential decryption. Namely, Eve can verify D d (c) = m 0 for some candidate message m 0 by checking that c = E e (m 0 ). Redundancy in the set of meaningful messages is no longer necessary for brute force attacks. CPSC 467b, Lecture 7 28/45

29 Facts about asymmetric cryptosystems Good asymmetric cryptosystems are much harder to design than good symmetric cryptosystems. All known asymmetric systems are orders of magnitude slower than corresponding symmetric systems. CPSC 467b, Lecture 7 29/45

30 Hybrid cryptosystems Asymmetric and symmetric cryptosystems are often used together. Let (E 2, D 2 ) be a 2-key cryptosystem and (E 1, D 1 ) be a 1-key cryptosystem. Here s how Alice sends a secret message m to Bob. Alice generates a random session key k. Alice computes c 1 = E 1 k (m) and c 2 = E 2 e (k), where e is Bob s public key, and sends (c 1, c 2 ) to Bob. Bob computes k = D 2 d (c 2) using his private decryption key d and then computes m = D 1 k (c 1). This is much more efficient than simply sending E 2 e (m) in the usual case that m is much longer than k. Note that the 2-key system is used to encrypt random strings! CPSC 467b, Lecture 7 30/45

31 RSA CPSC 467b, Lecture 7 31/45

32 Overview of RSA Probably the most commonly used asymmetric cryptosystem today is RSA, named from the initials of its three inventors, Rivest, Shamir, and Adelman. Unlike the symmetric systems we have been talking about so far, RSA is based not on substitution and transposition but on arithmetic involving very large integers numbers that are hundreds or even thousands of bits long. To understand why RSA works requires knowing a bit of number theory. However, the basic ideas can be presented quite simply, which I will do now. CPSC 467b, Lecture 7 32/45

33 RSA spaces The message space, ciphertext space, and key space for RSA is the set of integers Z n = {0,..., n 1} for some very large integer n. For now, think of n as a number so large that its binary representation is 1024 bits long. Such a number is unimaginably big. It is bigger than For comparison, the number of atoms in the observable universe 1 is estimated to be only Wikipedia, universe CPSC 467b, Lecture 7 33/45

34 Encoding bit strings by integers To use RSA as a block cipher on bit strings, Alice must convert each block to an integer m Z n, and Bob must convert m back to a block. Many such encodings are possible, but perhaps the simplest is to prepend a 1 to the block x and regard the result as a binary integer m. To decode m to a block, write out m in binary and then delete the initial 1 bit. To ensure that m < n as required, we limit the length of our blocks to 1022 bits. CPSC 467b, Lecture 7 34/45

35 RSA key generation Here s how Bob generates an RSA key pair. Bob chooses two sufficiently large distinct prime numbers p and q and computes n = pq. For security, p and q should be about the same length (when written in binary). He computes two numbers e and d with a certain number-theoretic relationship. The public key is the pair k e = (e, n). The private key is the pair k d = (d, n). The primes p and q are no longer needed and should be discarded. CPSC 467b, Lecture 7 35/45

36 RSA encryption and decryption To encrypt, Alice computes c = m e mod n. 2 To decrypt, Bob computes m = c d mod n. Here, a mod n denotes the remainder when a is divided by n. This works because e and d are chosen so that, for all m, m = (m e mod n) d mod n. (1) That s all there is to it, once the keys have been found. Most of the complexity in implementing RSA has to do with key generation, which fortunately is done only infrequently. 2 For now, assume all messages and ciphertexts are integers in Z n. CPSC 467b, Lecture 7 36/45

37 RSA questions You should already be asking yourself the following questions: How does one find n, e, d such that equation 1 is satisfied? Why is RSA believed to be secure? How can one implement RSA on a computer when most computers only support arithmetic on 32-bit or 64-bit integers, and how long does it take? How can one possibly compute m e mod n for 1024 bit numbers. m e, before taking the remainder, has size roughly ( ) = = = This is a number that is roughly bits long! No computer has enough memory to store that number, and no computer is fast enough to compute it. CPSC 467b, Lecture 7 37/45

38 Tools needed to answer RSA questions Two kinds of tools are needed to understand and implement RSA. Algorithms: Need clever algorithms for primality testing, fast exponentiation, and modular inverse computation. Number theory: Need some theory of Z n, the integers modulo n, and some special properties of numbers n that are the product of two primes. CPSC 467b, Lecture 7 38/45

39 Some number theory CPSC 467b, Lecture 7 39/45

40 Factoring Factoring assumption The factoring problem is to find a prime divisor of a composite number n. The factoring assumption is that there is no probabilistic polynomial-time algorithm for solving the factoring problem, even for the special case of an integer n that is the product of just two distinct primes The security of RSA is based on the factoring assumption. No feasible factoring algorithm is known, but there is no proof that such an algorithm does not exist. CPSC 467b, Lecture 7 40/45

41 Factoring How big is big enough? The security of RSA depends on n, p, q being sufficiently large. What is sufficiently large? That s hard to say, but n is typically chosen to be at least 1024 bits long, or for better security, 2048 bits long. The primes p and q whose product is n are generally chosen be roughly the same length, so each will be about half as long as n. CPSC 467b, Lecture 7 41/45

42 Bignums Algorithms for arithmetic on big numbers The arithmetic built into typical computers can handle only 32-bit or 64-bit integers. Hence, all arithmetic on large integers must be performed by software routines. The straightforward algorithms for addition and multiplication have time complexities O(N) and O(N 2 ), respectively, where N is the length (in bits) of the integers involved. Asymptotically faster multiplication algorithms are known, but they involve large constant factor overheads. It s not clear whether they are practical for numbers of the sizes we are talking about. CPSC 467b, Lecture 7 42/45

43 Bignums Big number libraries A lot of cleverness is possible in the careful implementation of even the O(N 2 ) multiplication algorithms, and a good implementation can be many times faster in practice than a poor one. They are also hard to get right because of many special cases that must be handled correctly! Most people choose to use big number libraries written by others rather than write their own code. Two such libraries that you can use in this course: 1. GMP (GNU Multiple Precision Arithmetic Library); 2. The big number routines in the openssl crypto library. CPSC 467b, Lecture 7 43/45

44 Bignums GMP GMP provides a large number of highly-optimized function calls for use with C and C++. It is preinstalled on all of the Zoo nodes and supported by the open source community. Type info gmp at a shell for documentation. CPSC 467b, Lecture 7 44/45

45 Bignums Openssl crypto package OpenSSL is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards required by them. It is widely used and pretty well debugged. The protocols require cryptography, and OpenSSL implements its own big number routines which are contained in its crypto library. Type man crypto for general information about the library, and man bn for specifics of the big number routines. CPSC 467b, Lecture 7 45/45

CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 8 September 28, 2015 CPSC 467, Lecture 8 1/44 Chaining Modes Block chaining modes Extending chaining modes to bytes Public-key Cryptography

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 7 January 30, 2012 CPSC 467b, Lecture 7 1/44 Public-key cryptography RSA Factoring Assumption Computing with Big Numbers Fast Exponentiation

More information

CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 8 September 22, 2014 CPSC 467, Lecture 8 1/59 Chaining Modes Block chaining modes Extending chaining modes to bytes Public-key Cryptography

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Lecture 6 Michael J. Fischer Department of Computer Science Yale University January 27, 2010 Michael J. Fischer CPSC 467b, Lecture 6 1/36 1 Using block ciphers

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 6 January 25, 2012 CPSC 467b, Lecture 6 1/46 Byte padding Chaining modes Stream ciphers Symmetric cryptosystem families Stream ciphers

More information

CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security CPSC 467: Cryptography and Computer Security Michael J. Fischer Lecture 11 October 4, 2017 CPSC 467, Lecture 11 1/39 ElGamal Cryptosystem Message Integrity and Authenticity Message authentication codes

More information

Study Guide to Mideterm Exam

Study Guide to Mideterm Exam YALE UNIVERSITY DEPARTMENT OF COMPUTER SCIENCE CPSC 467b: Cryptography and Computer Security Handout #7 Professor M. J. Fischer February 20, 2012 Study Guide to Mideterm Exam For the exam, you are responsible

More information

CPSC 467: Cryptography and Computer Security

CPSC 467: Cryptography and Computer Security CPSC 467: Cryptography and Computer Michael J. Fischer Lecture 4 September 11, 2017 CPSC 467, Lecture 4 1/23 Analyzing Confidentiality of Cryptosystems Secret ballot elections Information protection Adversaries

More information

Overview. Public Key Algorithms I

Overview. Public Key Algorithms I Public Key Algorithms I Dr. Arjan Durresi Louisiana State University Baton Rouge, LA 70810 Durresi@csc.lsu.Edu These slides are available at: http://www.csc.lsu.edu/~durresi/csc4601-04/ Louisiana State

More information

Algorithms (III) Yijia Chen Shanghai Jiaotong University

Algorithms (III) Yijia Chen Shanghai Jiaotong University Algorithms (III) Yijia Chen Shanghai Jiaotong University Review of the Previous Lecture Factoring: Given a number N, express it as a product of its prime factors. Many security protocols are based on the

More information

Algorithms (III) Yu Yu. Shanghai Jiaotong University

Algorithms (III) Yu Yu. Shanghai Jiaotong University Algorithms (III) Yu Yu Shanghai Jiaotong University Review of the Previous Lecture Factoring: Given a number N, express it as a product of its prime factors. Many security protocols are based on the assumed

More information

What did we talk about last time? Public key cryptography A little number theory

What did we talk about last time? Public key cryptography A little number theory Week 4 - Friday What did we talk about last time? Public key cryptography A little number theory If p is prime and a is a positive integer not divisible by p, then: a p 1 1 (mod p) Assume a is positive

More information

Symmetric Encryption

Symmetric Encryption Symmetric Encryption Ahmed Y. Banihammd & Ihsan, ALTUNDAG Mon November 5, 2007 Advanced Cryptography 1st Semester 2007-2008 University Joseph Fourrier, Verimag Master Of Information Security And Coding

More information

Public Key Cryptography

Public Key Cryptography graphy CSS322: Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 29 December 2011 CSS322Y11S2L07, Steve/Courses/2011/S2/CSS322/Lectures/rsa.tex,

More information

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018 Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS

More information

CPSC 467b: Cryptography and Computer Security

CPSC 467b: Cryptography and Computer Security CPSC 467b: Cryptography and Computer Security Michael J. Fischer Lecture 3 January 13, 2012 CPSC 467b, Lecture 3 1/36 Perfect secrecy Caesar cipher Loss of perfection Classical ciphers One-time pad Affine

More information

ISA 562: Information Security, Theory and Practice. Lecture 1

ISA 562: Information Security, Theory and Practice. Lecture 1 ISA 562: Information Security, Theory and Practice Lecture 1 1 Encryption schemes 1.1 The semantics of an encryption scheme. A symmetric key encryption scheme allows two parties that share a secret key

More information

Public Key Cryptography and the RSA Cryptosystem

Public Key Cryptography and the RSA Cryptosystem Public Key Cryptography and the RSA Cryptosystem Two people, say Alice and Bob, would like to exchange secret messages; however, Eve is eavesdropping: One technique would be to use an encryption technique

More information

Algorithms (III) Yijia Chen Shanghai Jiaotong University

Algorithms (III) Yijia Chen Shanghai Jiaotong University Algorithms (III) Yijia Chen Shanghai Jiaotong University Review of the Previous Lecture Factoring: Given a number N, express it as a product of its prime factors. Many security protocols are based on the

More information

RSA (material drawn from Avi Kak Lecture 12, Lecture Notes on "Computer and Network Security" Used in asymmetric crypto.

RSA (material drawn from Avi Kak Lecture 12, Lecture Notes on Computer and Network Security Used in asymmetric crypto. RSA (material drawn from Avi Kak (kak@purdue.edu) Lecture 12, Lecture Notes on "Computer and Network Security" Used in asymmetric crypto. protocols The RSA algorithm is based on the following property

More information

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest 1 2 3 This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest PKCS, Diffie- Hellman key exchange. This first published

More information

2.1 Basic Cryptography Concepts

2.1 Basic Cryptography Concepts ENEE739B Fall 2005 Part 2 Secure Media Communications 2.1 Basic Cryptography Concepts Min Wu Electrical and Computer Engineering University of Maryland, College Park Outline: Basic Security/Crypto Concepts

More information

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018 Computer Security 08. Cryptography Part II Paul Krzyzanowski Rutgers University Spring 2018 March 23, 2018 CS 419 2018 Paul Krzyzanowski 1 Block ciphers Block ciphers encrypt a block of plaintext at a

More information

CS 161 Computer Security

CS 161 Computer Security Raluca Popa Spring 2018 CS 161 Computer Security Homework 2 Due: Wednesday, February 14, at 11:59pm Instructions. This homework is due Wednesday, February 14, at 11:59pm. No late homeworks will be accepted.

More information

Public Key Algorithms

Public Key Algorithms Public Key Algorithms CS 472 Spring 13 Lecture 6 Mohammad Almalag 2/19/2013 Public Key Algorithms - Introduction Public key algorithms are a motley crew, how? All hash algorithms do the same thing: Take

More information

Cryptography Worksheet

Cryptography Worksheet Cryptography Worksheet People have always been interested in writing secret messages. In ancient times, people had to write secret messages to keep messengers and interceptors from reading their private

More information

CS669 Network Security

CS669 Network Security UNIT II PUBLIC KEY ENCRYPTION Uniqueness Number Theory concepts Primality Modular Arithmetic Fermet & Euler Theorem Euclid Algorithm RSA Elliptic Curve Cryptography Diffie Hellman Key Exchange Uniqueness

More information

Lecture 6 - Cryptography

Lecture 6 - Cryptography Lecture 6 - Cryptography CMPSC 443 - Spring 2012 Introduction Computer and Network Security Professor Jaeger www.cse.psu.edu/~tjaeger/cse443-s12 Question Setup: Assume you and I donʼt know anything about

More information

CS 161 Computer Security

CS 161 Computer Security Paxson Spring 2013 CS 161 Computer Security 3/14 Asymmetric cryptography Previously we saw symmetric-key cryptography, where Alice and Bob share a secret key K. However, symmetric-key cryptography can

More information

Introduction to Cryptography and Security Mechanisms. Abdul Hameed

Introduction to Cryptography and Security Mechanisms. Abdul Hameed Introduction to Cryptography and Security Mechanisms Abdul Hameed http://informationtechnology.pk Before we start 3 Quiz 1 From a security perspective, rather than an efficiency perspective, which of the

More information

1 Achieving IND-CPA security

1 Achieving IND-CPA security ISA 562: Information Security, Theory and Practice Lecture 2 1 Achieving IND-CPA security 1.1 Pseudorandom numbers, and stateful encryption As we saw last time, the OTP is perfectly secure, but it forces

More information

Secure Multiparty Computation

Secure Multiparty Computation CS573 Data Privacy and Security Secure Multiparty Computation Problem and security definitions Li Xiong Outline Cryptographic primitives Symmetric Encryption Public Key Encryption Secure Multiparty Computation

More information

Public-key encipherment concept

Public-key encipherment concept Date: onday, October 21, 2002 Prof.: Dr Jean-Yves Chouinard Design of Secure Computer Systems CSI4138/CEG4394 Notes on Public Key Cryptography Public-key encipherment concept Each user in a secure communication

More information

Midterm Exam. CS381-Cryptography. October 30, 2014

Midterm Exam. CS381-Cryptography. October 30, 2014 Midterm Exam CS381-Cryptography October 30, 2014 Useful Items denotes exclusive-or, applied either to individual bits or to sequences of bits. The same operation in Python is denoted ˆ. 2 10 10 3 = 1000,

More information

Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 24

Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 24 Assume encryption and decryption use the same key. Will discuss how to distribute key to all parties later Symmetric ciphers unusable for authentication of sender Lecturers: Mark D. Ryan and David Galindo.

More information

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography

Great Theoretical Ideas in Computer Science. Lecture 27: Cryptography 15-251 Great Theoretical Ideas in Computer Science Lecture 27: Cryptography What is cryptography about? Adversary Eavesdropper I will cut his throat I will cut his throat What is cryptography about? loru23n8uladjkfb!#@

More information

Chapter 9. Public Key Cryptography, RSA And Key Management

Chapter 9. Public Key Cryptography, RSA And Key Management Chapter 9 Public Key Cryptography, RSA And Key Management RSA by Rivest, Shamir & Adleman of MIT in 1977 The most widely used public-key cryptosystem is RSA. The difficulty of attacking RSA is based on

More information

CS 161 Computer Security

CS 161 Computer Security Popa & Wagner Spring 2016 CS 161 Computer Security Discussion 5 Week of February 19, 2017 Question 1 Diffie Hellman key exchange (15 min) Recall that in a Diffie-Hellman key exchange, there are values

More information

CSC 580 Cryptography and Computer Security

CSC 580 Cryptography and Computer Security CSC 580 Cryptography and Computer Security Encryption Concepts, Classical Crypto, and Binary Operations January 30, 2018 Overview Today: Cryptography concepts and classical crypto Textbook sections 3.1,

More information

CSE 127: Computer Security Cryptography. Kirill Levchenko

CSE 127: Computer Security Cryptography. Kirill Levchenko CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified

More information

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7 Public-Key Cryptography Professor Yanmin Gong Week 3: Sep. 7 Outline Key exchange and Diffie-Hellman protocol Mathematical backgrounds for modular arithmetic RSA Digital Signatures Key management Problem:

More information

Introduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption

Introduction to Cryptography and Security Mechanisms: Unit 5. Public-Key Encryption Introduction to Cryptography and Security Mechanisms: Unit 5 Public-Key Encryption Learning Outcomes Explain the basic principles behind public-key cryptography Recognise the fundamental problems that

More information

1.264 Lecture 28. Cryptography: Asymmetric keys

1.264 Lecture 28. Cryptography: Asymmetric keys 1.264 Lecture 28 Cryptography: Asymmetric keys Next class: Anderson chapters 20. Exercise due before class (Reading doesn t cover same topics as lecture) 1 Asymmetric or public key encryption Receiver

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 CS 494/594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010 1 Public Key Cryptography Modular Arithmetic RSA

More information

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems

More information

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography Outline 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography

More information

L13. Reviews. Rocky K. C. Chang, April 10, 2015

L13. Reviews. Rocky K. C. Chang, April 10, 2015 L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing

More information

Computer Security 3/23/18

Computer Security 3/23/18 s s encrypt a block of plaintext at a time and produce ciphertext Computer Security 08. Cryptography Part II Paul Krzyzanowski DES & AES are two popular block ciphers DES: 64 bit blocks AES: 128 bit blocks

More information

Using block ciphers 1

Using block ciphers 1 Using block ciphers 1 Using block ciphers DES is a type of block cipher, taking 64-bit plaintexts and returning 64-bit ciphetexts. We now discuss a number of ways in which block ciphers are employed in

More information

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA CSCI 454/554 Computer and Network Security Topic 5.2 Public Key Cryptography 1. Introduction 2. RSA Outline 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard 2 Introduction Public Key Cryptography

More information

Encryption Providing Perfect Secrecy COPYRIGHT 2001 NON-ELEPHANT ENCRYPTION SYSTEMS INC.

Encryption Providing Perfect Secrecy COPYRIGHT 2001 NON-ELEPHANT ENCRYPTION SYSTEMS INC. Encryption Providing Perfect Secrecy Presented at Calgary Unix Users Group. November 27, 2001 by: Mario Forcinito, PEng, PhD With many thanks to Prof. Aiden Bruen from the Mathematics Department, University

More information

Lecture 3 Algorithms with numbers (cont.)

Lecture 3 Algorithms with numbers (cont.) Advanced Algorithms Floriano Zini Free University of Bozen-Bolzano Faculty of Computer Science Academic Year 2013-2014 Lecture 3 Algorithms with numbers (cont.) 1 Modular arithmetic For cryptography it

More information

A Tour of Classical and Modern Cryptography

A Tour of Classical and Modern Cryptography A Tour of Classical and Modern Cryptography Evan P. Dummit University of Rochester May 25, 2016 Outline Contents of this talk: Overview of cryptography (what cryptography is) Historical cryptography (how

More information

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any

More information

Public Key Cryptography and RSA

Public Key Cryptography and RSA Public Key Cryptography and RSA Major topics Principles of public key cryptosystems The RSA algorithm The Security of RSA Motivations A public key system is asymmetric, there does not have to be an exchange

More information

Chapter 3 Public Key Cryptography

Chapter 3 Public Key Cryptography Cryptography and Network Security Chapter 3 Public Key Cryptography Lectured by Nguyễn Đức Thái Outline Number theory overview Public key cryptography RSA algorithm 2 Prime Numbers A prime number is an

More information

Cryptography Introduction to Computer Security. Chapter 8

Cryptography Introduction to Computer Security. Chapter 8 Cryptography Introduction to Computer Security Chapter 8 Introduction Cryptology: science of encryption; combines cryptography and cryptanalysis Cryptography: process of making and using codes to secure

More information

CS61A Lecture #39: Cryptography

CS61A Lecture #39: Cryptography Announcements: CS61A Lecture #39: Cryptography Homework 13 is up: due Monday. Homework 14 will be judging the contest. HKN surveys on Friday: 7.5 bonus points for filling out their survey on Friday (yes,

More information

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d) Outline AIT 682: Network and Systems Security 1. Introduction 2. RSA 3. Diffie-Hellman Key Exchange 4. Digital Signature Standard Topic 5.2 Public Key Cryptography Instructor: Dr. Kun Sun 2 Public Key

More information

page 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas

page 1 Introduction to Cryptography Benny Pinkas Lecture 3 November 18, 2008 Introduction to Cryptography, Benny Pinkas Introduction to Cryptography Lecture 3 Benny Pinkas page 1 1 Pseudo-random generator Pseudo-random generator seed output s G G(s) (random, s =n) Deterministic function of s, publicly known G(s) = 2n Distinguisher

More information

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen Modern cryptography 2 CSCI 470: Web Science Keith Vertanen Modern cryptography Overview Asymmetric cryptography Diffie-Hellman key exchange (last time) Pubic key: RSA Pretty Good Privacy (PGP) Digital

More information

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl www.crypto-textbook.com Chapter 5 More About Block Ciphers ver. November 26, 2010 Last modified 10-2-17

More information

7. Symmetric encryption. symmetric cryptography 1

7. Symmetric encryption. symmetric cryptography 1 CIS 5371 Cryptography 7. Symmetric encryption symmetric cryptography 1 Cryptographic systems Cryptosystem: t (MCKK GED) (M,C,K,K,G,E,D) M, plaintext message space C, ciphertext message space K, K, encryption

More information

Chapter 9 Public Key Cryptography. WANG YANG

Chapter 9 Public Key Cryptography. WANG YANG Chapter 9 Public Key Cryptography WANG YANG wyang@njnet.edu.cn Content Introduction RSA Diffie-Hellman Key Exchange Introduction Public Key Cryptography plaintext encryption ciphertext decryption plaintext

More information

Math236 Discrete Maths with Applications

Math236 Discrete Maths with Applications Math236 Discrete Maths with Applications P. Ittmann UKZN, Pietermaritzburg Semester 1, 2012 Ittmann (UKZN PMB) Math236 2012 1 / 1 Block Ciphers A block cipher is an encryption scheme in which the plaintext

More information

Applied Cryptography and Network Security

Applied Cryptography and Network Security Applied Cryptography and Network Security William Garrison bill@cs.pitt.edu 6311 Sennott Square Lecture #8: RSA Didn t we learn about RSA last time? During the last lecture, we saw what RSA does and learned

More information

CHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))

CHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P)) CHAPTER 6. SYMMETRIC CIPHERS Multiple encryption is a technique in which an encryption algorithm is used multiple times. In the first instance, plaintext is converted to ciphertext using the encryption

More information

Lecture 2. Cryptography: History + Simple Encryption,Methods & Preliminaries. Cryptography can be used at different levels

Lecture 2. Cryptography: History + Simple Encryption,Methods & Preliminaries. Cryptography can be used at different levels Lecture 2 Cryptography: History + Simple Encryption,Methods & Preliminaries 1 Cryptography can be used at different levels algorithms: encryption, signatures, hashing, RNG protocols (2 or more parties):

More information

More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017

More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017 More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017 Page 1 Outline Desirable characteristics of ciphers Stream and block ciphers Cryptographic modes Uses of cryptography Symmetric

More information

COMP4109 : Applied Cryptography

COMP4109 : Applied Cryptography COMP4109 : Applied Cryptography Fall 2013 M. Jason Hinek Carleton University Applied Cryptography Day 4 (and 5 and maybe 6) secret-key primitives symmetric-key encryption security notions and types of

More information

CRYPTOGRAPHY & DIGITAL SIGNATURE

CRYPTOGRAPHY & DIGITAL SIGNATURE UNIT V CRYPTOGRAPHY & DIGITAL SIGNATURE What happens in real life? We have universal electronic connectivity via networks of our computers so allowing viruses and hackers to do eavesdropping. So both the

More information

Spring 2010: CS419 Computer Security

Spring 2010: CS419 Computer Security Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics

More information

Public Key Algorithms

Public Key Algorithms Public Key Algorithms 1 Public Key Algorithms It is necessary to know some number theory to really understand how and why public key algorithms work Most of the public key algorithms are based on modular

More information

Classical Encryption Techniques. CSS 322 Security and Cryptography

Classical Encryption Techniques. CSS 322 Security and Cryptography Classical Encryption Techniques CSS 322 Security and Cryptography Contents Terminology and Models Requirements, Services and Attacks Substitution Ciphers Caesar, Monoalphabetic, Polyalphabetic, One-time

More information

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4 EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 4 Department of Electrical and Computer Engineering Cleveland State University wenbing@ieee.org Outline Review

More information

Activity Guide - Public Key Cryptography

Activity Guide - Public Key Cryptography Unit 2 Lesson 19 Name(s) Period Date Activity Guide - Public Key Cryptography Introduction This activity is similar to the cups and beans encryption we did in a previous lesson. However, instead of using

More information

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell 1 Cryptography Merriam-Webster Online Dictionary: 1. secret writing 2. the enciphering and deciphering

More information

Security: Cryptography

Security: Cryptography Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity

More information

Applied Cryptography and Computer Security CSE 664 Spring 2018

Applied Cryptography and Computer Security CSE 664 Spring 2018 Applied Cryptography and Computer Security Lecture 13: Public-Key Cryptography and RSA Department of Computer Science and Engineering University at Buffalo 1 Public-Key Cryptography What we already know

More information

David Wetherall, with some slides from Radia Perlman s security lectures.

David Wetherall, with some slides from Radia Perlman s security lectures. David Wetherall, with some slides from Radia Perlman s security lectures. djw@cs.washington.edu Networks are shared: Want to secure communication between legitimate participants from others with (passive

More information

2 What does it mean that a crypto system is secure?

2 What does it mean that a crypto system is secure? Cryptography Written by: Marius Zimand Notes: On the notion of security 1 The One-time Pad cryptosystem The one-time pad cryptosystem was introduced by Vernam and Mauborgne in 1919 (for more details about

More information

10.1 Introduction 10.2 Asymmetric-Key Cryptography Asymmetric-Key Cryptography 10.3 RSA Cryptosystem

10.1 Introduction 10.2 Asymmetric-Key Cryptography Asymmetric-Key Cryptography 10.3 RSA Cryptosystem [Part 2] Asymmetric-Key Encipherment Asymmetric-Key Cryptography To distinguish between two cryptosystems: symmetric-key and asymmetric-key; To discuss the RSA cryptosystem; To introduce the usage of asymmetric-key

More information

Encryption. INST 346, Section 0201 April 3, 2018

Encryption. INST 346, Section 0201 April 3, 2018 Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:

More information

RSA. Public Key CryptoSystem

RSA. Public Key CryptoSystem RSA Public Key CryptoSystem DIFFIE AND HELLMAN (76) NEW DIRECTIONS IN CRYPTOGRAPHY Split the Bob s secret key K to two parts: K E, to be used for encrypting messages to Bob. K D, to be used for decrypting

More information

L2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015

L2. An Introduction to Classical Cryptosystems. Rocky K. C. Chang, 23 January 2015 L2. An Introduction to Classical Cryptosystems Rocky K. C. Chang, 23 January 2015 This and the next set of slides 2 Outline Components of a cryptosystem Some modular arithmetic Some classical ciphers Shift

More information

Uzzah and the Ark of the Covenant

Uzzah and the Ark of the Covenant Uzzah and the Ark of the Covenant And when they came to the threshing floor of Chidon, Uzzah put out his hand to take hold of the ark, for the oxen stumbled. 10 And the anger of the LORD was kindled against

More information

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages.

Cryptography Symmetric Cryptography Asymmetric Cryptography Internet Communication. Telling Secrets. Secret Writing Through the Ages. Telling Secrets Secret Writing Through the Ages William Turner Department of Mathematics & Computer Science Wabash College Crawfordsville, IN 47933 Tuesday 4 February 2014 W. J. Turner Telling Secrets

More information

CS Network Security. Nasir Memon Polytechnic University Module 7 Public Key Cryptography. RSA.

CS Network Security. Nasir Memon Polytechnic University Module 7 Public Key Cryptography. RSA. CS 393 - Network Security Nasir Memon Polytechnic University Module 7 Public Key Cryptography. RSA. Course Logistics Homework 2 revised. Due next Tuesday midnight. 2/26,28/02 Module 7 - Pubic Key Crypto

More information

Homework 1 CS161 Computer Security, Spring 2008 Assigned 2/4/08 Due 2/13/08

Homework 1 CS161 Computer Security, Spring 2008 Assigned 2/4/08 Due 2/13/08 Homework 1 CS161 Computer Security, Spring 2008 Assigned 2/4/08 Due 2/13/08 This homework assignment is due Wednesday, February 13 at the beginning of lecture. Please bring a hard copy to class; either

More information

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur Cryptography and Network Security Prof. D. Mukhopadhyay Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Module No. # 01 Lecture No. # 38 A Tutorial on Network Protocols

More information

Kurose & Ross, Chapters (5 th ed.)

Kurose & Ross, Chapters (5 th ed.) Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and

More information

Lecture 2 Algorithms with numbers

Lecture 2 Algorithms with numbers Advanced Algorithms Floriano Zini Free University of Bozen-Bolzano Faculty of Computer Science Academic Year 2013-2014 Lecture 2 Algorithms with numbers 1 RSA Algorithm Why does RSA work? RSA is based

More information

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa

ICT 6541 Applied Cryptography. Hossen Asiful Mustafa ICT 6541 Applied Cryptography Hossen Asiful Mustafa Basic Communication Alice talking to Bob Alice Bob 2 Eavesdropping Eve listening the conversation Alice Bob 3 Secure Communication Eve listening the

More information

Cryptography (Overview)

Cryptography (Overview) Cryptography (Overview) Some history Caesar cipher, rot13 substitution ciphers, etc. Enigma (Turing) Modern secret key cryptography DES, AES Public key cryptography RSA, digital signatures Cryptography

More information

EEC-484/584 Computer Networks

EEC-484/584 Computer Networks EEC-484/584 Computer Networks Lecture 23 wenbing@ieee.org (Lecture notes are based on materials supplied by Dr. Louise Moser at UCSB and Prentice-Hall) Outline 2 Review of last lecture Introduction to

More information

Lecture 2 Applied Cryptography (Part 2)

Lecture 2 Applied Cryptography (Part 2) Lecture 2 Applied Cryptography (Part 2) Patrick P. C. Lee Tsinghua Summer Course 2010 2-1 Roadmap Number theory Public key cryptography RSA Diffie-Hellman DSA Certificates Tsinghua Summer Course 2010 2-2

More information

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL Transpositional Ciphers-A Review Decryption 1 2 3 4 5 6 7 8 1 2 3 4 5 6 7 8 Encryption 1 2 3 4 5 6 7 8 A G O O D F R I E N D I S A T R E

More information

RSA (algorithm) History

RSA (algorithm) History RSA (algorithm) RSA is an algorithm for public-key cryptography that is based on the presumed difficulty of factoring large integers, the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard

More information

Cryptography and Network Security. Sixth Edition by William Stallings

Cryptography and Network Security. Sixth Edition by William Stallings Cryptography and Network Security Sixth Edition by William Stallings Chapter 9 Public Key Cryptography and RSA Misconceptions Concerning Public-Key Encryption Public-key encryption is more secure from

More information

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key?

Other Uses of Cryptography. Cryptography Goals. Basic Problem and Terminology. Other Uses of Cryptography. What Can Go Wrong? Why Do We Need a Key? ryptography Goals Protect private communication in the public world and are shouting messages over a crowded room no one can understand what they are saying 1 Other Uses of ryptography Authentication should

More information